LiveActive security incident?Get immediate response
CVE archive

April 2020

Browse CVE records published in April 2020, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 1821 matching CVEs · Page 2 of 37.

Critical · CVSS 10

CVE-2020-28619: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->twin().

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-28620: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->center_vertex():.

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-28621: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->out_sedge().

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-28622: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->incident_sface().

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-28623: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->twin().

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-28624: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->boundary_entry_objects SEdge_of.

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-28625: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->boundary_entry_objects SLoop_of.

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-28626: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->incident_volume().

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-28628: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_volume() seh->twin().

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-28630: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->snext().

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-28631: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->source().

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-28632: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->incident_sface().

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-28633: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->prev().

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-28634: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->next().

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-35629: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sloop() slh->facet().

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-35630: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() sfh->center_vertex().

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-35631: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() SD.link_as_face_cycle().

Published Apr 18, 2022 · Updated Apr 23, 2025

Critical · CVSS 10

CVE-2020-35632: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() sfh->boundary_entry_objects Edge_of.

Published Apr 18, 2022 · Updated Apr 23, 2025

High · CVSS 7.7

CVE-2020-25163: OSIsoft PI Vision Cross-site Scripting

A remote attacker with write access to PI ProcessBook files could inject code that is imported into OSIsoft PI Vision 2020 versions prior to 3.5.0. Unauthorized information disclosure, modification, or deletion is also possible if a victim views or interacts with the infected display. This vulnerability affects PI System data and other data accessible with victim’s user permissions.

Published Apr 18, 2022 · Updated Apr 16, 2025

High · CVSS 7.6

CVE-2020-25150: B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus

A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with service user privileges to upload arbitrary files. By uploading a specially crafted tar file an attacker can execute arbitrary commands.

Published Apr 14, 2022 · Updated Apr 16, 2025

High · CVSS 7.6

CVE-2020-25166: B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus

An improper verification of the cryptographic signature of firmware updates of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to generate valid firmware updates with arbitrary content that can be used to tamper with devices.

Published Apr 14, 2022 · Updated Apr 16, 2025

Medium · CVSS 4.3

CVE-2020-13495: An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files.

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used to bypass mitigations and aid additional exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided file.

Published Apr 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.4

CVE-2020-13590: Multiple exploitable SQL injection vulnerabilities exist in the 'entities/fields' page of the Rukovoditel P...

Multiple exploitable SQL injection vulnerabilities exist in the 'entities/fields' page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities, this can be done either with administrator credentials or through cross-site request forgery.

Published Apr 18, 2022 · Updated Apr 15, 2025

Critical · CVSS 10

CVE-2020-28629: Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGA...

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->sprev().

Published Apr 18, 2022 · Updated Apr 15, 2025

Medium · CVSS 5.4

CVE-2020-0923: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly saniti...

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0924, CVE-2020-0925, CVE-2020-0926, CVE-2020-0927, CVE-2020-0930, CVE-2020-0933, CVE-2020-0954, CVE-2020-0973, CVE-2020-0978.

Published Apr 15, 2020 · Updated Feb 28, 2025

Medium · CVSS 5.4

CVE-2020-0924: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly saniti...

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0925, CVE-2020-0926, CVE-2020-0927, CVE-2020-0930, CVE-2020-0933, CVE-2020-0954, CVE-2020-0973, CVE-2020-0978.

Published Apr 15, 2020 · Updated Feb 28, 2025

Medium · CVSS 5.4

CVE-2020-0925: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly saniti...

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0926, CVE-2020-0927, CVE-2020-0930, CVE-2020-0933, CVE-2020-0954, CVE-2020-0973, CVE-2020-0978.

Published Apr 15, 2020 · Updated Feb 28, 2025

Medium · CVSS 5.4

CVE-2020-0926: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly saniti...

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925, CVE-2020-0927, CVE-2020-0930, CVE-2020-0933, CVE-2020-0954, CVE-2020-0973, CVE-2020-0978.

Published Apr 15, 2020 · Updated Feb 28, 2025

Medium · CVSS 5.4

CVE-2020-0927: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly saniti...

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925, CVE-2020-0926, CVE-2020-0930, CVE-2020-0933, CVE-2020-0954, CVE-2020-0973, CVE-2020-0978.

Published Apr 15, 2020 · Updated Feb 28, 2025

Medium · CVSS 5.4

CVE-2020-0930: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly saniti...

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925, CVE-2020-0926, CVE-2020-0927, CVE-2020-0933, CVE-2020-0954, CVE-2020-0973, CVE-2020-0978.

Published Apr 15, 2020 · Updated Feb 28, 2025

Medium · CVSS 5.4

CVE-2020-0933: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly saniti...

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925, CVE-2020-0926, CVE-2020-0927, CVE-2020-0930, CVE-2020-0954, CVE-2020-0973, CVE-2020-0978.

Published Apr 15, 2020 · Updated Feb 28, 2025

Medium · CVSS 5.4

CVE-2020-0954: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly saniti...

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925, CVE-2020-0926, CVE-2020-0927, CVE-2020-0930, CVE-2020-0933, CVE-2020-0973, CVE-2020-0978.

Published Apr 15, 2020 · Updated Feb 28, 2025

Medium · CVSS 5.4

CVE-2020-0973: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly saniti...

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925, CVE-2020-0926, CVE-2020-0927, CVE-2020-0930, CVE-2020-0933, CVE-2020-0954, CVE-2020-0978.

Published Apr 15, 2020 · Updated Feb 28, 2025